webserver traffic

I have a webserver at home that has two purposes:

# serve my start.html page to the various computers around the home network
# serve a Java SSH client for remote access when I am travelling

Otherwise, it’s empty; there’s an index.html that redirects visitors to “www.cfrq.net”:http://www.cfrq.net/.

So in the spirit of “joy”:http://www.cleverhack.com/blog/ I offer one week’s worth of log entries:

bc. 64.210.196.197 – – [05/Oct/2003:08:00:28 -0400] “GET /robots.txt HTTP/1.0” 404 1044 “-” “Mozilla/4.0 (compatible; MSIE 5.0; Windows NT; Girafabot; girafabot at girafa dot com; http://www.girafa.com)”
64.210.196.197 – – [05/Oct/2003:08:00:30 -0400] “GET / HTTP/1.0” 200 346 “-” “Mozilla/4.0 (compatible; MSIE 5.0; Windows NT; Girafabot; girafabot at girafa dot com; http://www.girafa.com)”
202.62.124.246 – – [05/Oct/2003:08:57:23 -0400] “GET /scripts/nsiislog.dll” 404 1040 “-” “-”
195.199.113.93 – – [05/Oct/2003:09:11:20 -0400] “GET /scripts/..%255c%255c../winnt/system32/cmd.exe?/c+dir” 404 1040 “-” “-”
217.235.215.221 – – [05/Oct/2003:13:26:02 -0400] “GET /scripts/nsiislog.dll” 404 1040 “-” “-”
4.65.206.189 – – [06/Oct/2003:03:52:41 -0400] “GET /scripts/..%255c%255c../winnt/system32/cmd.exe?/c+dir” 404 1040 “-” “-”
130.39.12.96 – – [06/Oct/2003:09:36:03 -0400] “GET /scripts/nsiislog.dll” 404 1040 “-” “-”
129.16.97.149 – – [06/Oct/2003:10:07:45 -0400] “GET /scripts/nsiislog.dll” 404 1040 “-” “-”
202.63.163.46 – – [06/Oct/2003:16:26:29 -0400] “GET /scripts/nsiislog.dll” 404 1040 “-” “-”
218.103.70.82 – – [07/Oct/2003:05:04:48 -0400] “GET / HTTP/1.1” 400 298 “-” “-”
62.94.18.69 – – [07/Oct/2003:07:35:18 -0400] “GET /scripts/nsiislog.dll” 404 1040 “-” “-”
64.68.82.169 – – [07/Oct/2003:08:51:01 -0400] “GET /robots.txt HTTP/1.0” 404 1044 “-” “Googlebot/2.1 (+http://www.googlebot.com/bot.html)”
64.68.82.169 – – [07/Oct/2003:08:51:12 -0400] “GET / HTTP/1.0” 304 0 “-” “Googlebot/2.1 (+http://www.googlebot.com/bot.html)”
211.38.42.212 – – [07/Oct/2003:11:06:28 -0400] “GET / HTTP/1.1” 400 298 “-” “-”
80.50.49.231 – – [07/Oct/2003:16:09:35 -0400] “GET /sumthin HTTP/1.0” 404 1040 “-” “-”
211.233.37.239 – – [07/Oct/2003:19:40:15 -0400] “GET / HTTP/1.1” 400 298 “-” “-”
64.68.82.38 – – [08/Oct/2003:06:19:30 -0400] “GET / HTTP/1.0” 304 0 “-” “Googlebot/2.1 (+http://www.googlebot.com/bot.html)”
64.216.223.109 – – [09/Oct/2003:01:03:38 -0400] “POST http://64.216.223.109:25/ HTTP/1.1” 200 346 “-” “-”
67.97.3.89 – – [09/Oct/2003:12:21:16 -0400] “GET /sumthin HTTP/1.0” 404 1040 “-” “-”
64.68.82.167 – – [10/Oct/2003:10:43:21 -0400] “GET /robots.txt HTTP/1.0” 404 1044 “-” “Googlebot/2.1 (+http://www.googlebot.com/bot.html)”
64.68.82.167 – – [10/Oct/2003:10:43:28 -0400] “GET / HTTP/1.0” 304 0 “-” “Googlebot/2.1 (+http://www.googlebot.com/bot.html)”
206.98.253.78 – – [10/Oct/2003:20:43:37 -0400] “GET /sumthin HTTP/1.0” 404 1040 “-” “-”
213.206.74.231 – – [10/Oct/2003:23:29:19 -0400] “GET / HTTP/1.0” 200 346 “-” “-”
64.81.53.154 – – [11/Oct/2003:08:43:44 -0400] “GET /scripts/nsiislog.dll” 404 1040 “-” “-”
66.77.73.44 – – [11/Oct/2003:17:32:30 -0400] “GET /robots.txt HTTP/1.0” 404 1044 “-” “FAST-WebCrawler/3.8 (atw-crawler at fast dot no; http://fast.no/support/crawler.asp)”
12.247.47.7 – – [11/Oct/2003:19:11:29 -0400] “CONNECT 1.3.3.7:1337 HTTP/1.0” 405 964 “-” “-”

A little bit of search engine spider traffic, and a bunch of hack attempts. “Fascinating”, as Spock would say…

The “/sumthin fetch”:http://www.webmasterworld.com/forum11/2100.htm is apparently from a couple of trojans looking for 404 pages, because they often identify the webserver (and its weaknesses). “nsiislog.dll”:http://securityresponse.symantec.com/avcenter/security/Content/8035.html is a known buffer overflow. The POST to port 25 is a spammer looking for an open proxy, and the CONNECT 1.3.3.7:1337 is apparently a newer version of the same scanner (looking for the 405 error on the CONNECT, presumably).

As mentioned before, I run scripts that search my logs for common hack attempts and blacklist (or RBL) the source. Now I’ve got some new patterns to search for.
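One way such a log scan could look, as an added example (not the scripts mentioned in this post): it parses Apache combined-format lines and labels the probe types identified above, decoding the double-encoded @%255c@ traversal before matching. The sample lines are constructed with documentation addresses, and the label names are made up for illustration.

```python
import re
from collections import defaultdict
from urllib.parse import unquote

# Combined Log Format. The protocol token is optional: several probes in the
# log above were recorded as a bare "GET /path" with no HTTP version.
LINE_RE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[[^\]]+\] '
    r'"(?P<method>[A-Z]+) (?P<target>[^\s"]+)(?: HTTP/\d\.\d)?" '
    r'(?P<status>\d{3}) ')
ABSOLUTE_URI = re.compile(r'^[a-z][a-z0-9+.-]*://', re.I)

# Constructed sample lines (documentation addresses), modelled on the log above.
SAMPLE_LOG = """\
192.0.2.10 - - [05/Oct/2003:08:57:23 -0400] "GET /scripts/nsiislog.dll" 404 1040 "-" "-"
192.0.2.11 - - [05/Oct/2003:09:11:20 -0400] "GET /scripts/..%255c%255c../winnt/system32/cmd.exe?/c+dir" 404 1040 "-" "-"
192.0.2.12 - - [07/Oct/2003:16:09:35 -0400] "GET /sumthin HTTP/1.0" 404 1040 "-" "-"
192.0.2.13 - - [09/Oct/2003:01:03:38 -0400] "POST http://192.0.2.13:25/ HTTP/1.1" 200 346 "-" "-"
192.0.2.14 - - [11/Oct/2003:19:11:29 -0400] "CONNECT 1.3.3.7:1337 HTTP/1.0" 405 964 "-" "-"
198.51.100.7 - - [07/Oct/2003:08:51:01 -0400] "GET /robots.txt HTTP/1.0" 404 1044 "-" "Googlebot/2.1 (+http://www.googlebot.com/bot.html)"
""".splitlines()


def normalise(target, rounds=3):
    """Decode until stable (%255c -> %5c -> backslash); unify separators and case."""
    for _ in range(rounds):
        decoded = unquote(target)
        if decoded == target:
            break
        target = decoded
    return target.replace("\\", "/").lower()


def classify(method, target):
    """Return a label for the probe types discussed in the post, or None."""
    if method == "CONNECT":
        return "proxy-connect"
    if ABSOLUTE_URI.match(target):
        # Absolute-form targets only make sense to a proxy, not an origin server.
        return "proxy-absolute-uri"
    path = normalise(target).split("?", 1)[0]
    if ".." in path.split("/"):
        return "traversal"
    if path.endswith("/nsiislog.dll"):
        return "nsiislog-probe"
    if path == "/sumthin":
        return "sumthin-probe"
    return None


def scan(lines):
    """Map each source address to the set of probe labels it triggered."""
    hits = defaultdict(set)
    for line in lines:
        m = LINE_RE.match(line)
        if m is None:
            continue  # unparseable line: leave for manual review
        label = classify(m["method"], m["target"])
        if label:
            hits[m["ip"]].add(label)
    return dict(hits)


if __name__ == "__main__":
    for ip, labels in sorted(scan(SAMPLE_LOG).items()):
        print(ip, ",".join(sorted(labels)))
```

The keys of the returned mapping are the candidate addresses for a blocklist; crawler requests such as the @robots.txt@ fetch are left unlabelled.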

Coming on Monday: “automated comment spam blacklists”:http://www.jayallen.org/journey/2003/10/mtblacklist_monday_hell_or_high_water …

posted at 7:23 pm on Saturday, October 11, 2003 in Security | Comments Off on webserver traffic

RSS + XML trick

“Russell Beattie”:http://www.russellbeattie.com/notebook/ blogged about an “XML + XSL Trick”:http://www.russellbeattie.com/notebook/1004309.html to convert RSS feeds into something that renders readably in modern browsers.

I decided to “try it out”:http://blog.cfrq.net/chk/index.rdf, and discovered in the process just how picky XML is; I had to change my SmartyPants installation to output UTF-8 sequences instead of “HTML Entities”:http://www.htmlhelp.com/reference/html40/entities/. I stopped there; although I intended to see if I could modify the “rss2html.xsl”:http://blogl.cfrq.net/chk/rss2html.xsl script to work for RSS 2.0, I never found the time…

posted at 9:48 pm on Friday, October 10, 2003 in Site News | Comments Off on RSS + XML trick

Lazy

I was going to rant about several things; “the Vatican and condoms”:http://www.plastic.com/article.html;sid=03/10/10/14414386, the “SunnComm copyprotection lawsuit”:http://www.wired.com/news/digiwood/0,1412,60774,00.html, “Zero Tolerance Idiocy”:http://www.plastic.com/article.html;sid=03/10/10/20320422 and at least two other things that I’ve forgotten now. But it’s been a busy week, and I’m feeling lazy, and I have “CSI:Miami”:http://www.tvtome.com/CSIMiami/ and “Joan of Arcadia”:http://www.tvtome.com/JoanofArcadia/ to watch on TV…

(But I wasn’t going to rant about SCO. That’s been done to death :-)

posted at 8:36 pm on Friday, October 10, 2003 in Rants | Comments Off on Lazy

Electricity deregulation needs to respect physics

An article in “The Industrial Physicist”:http://www.aip.org/tip/ entitled “What’s wrong with the electric grid?”:http://www.tipmagazine.com/tip/INPHFA/vol-9/iss-5/p8.html eloquently states what I’ve believed all along:

bq. In the view of Casazza and many other experts, the key error in the new rules was to view electricity as a commodity rather than as an essential service.

A normal competitive market requires tension between buyers and sellers. Buyers are trying to get the lowest possible price; sellers are trying to get the highest possible price. The “sweet point” in the market maximises profit for the seller; lowering the price lowers margins and reduces profit, while raising the price drives away buyers, reducing revenue.

That last part is why competition in essential goods and services cannot work; if a buyer cannot choose to _not_ purchase, then there is no force acting to reduce prices. We need to consume a minimum amount of energy; for example, if we don’t purchase one of heating oil, electricity, or natural gas, then we _freeze to death_. We can conserve energy and reduce consumption somewhat, but we cannot stop using it altogether, and that means that energy cannot be traded in a truly competitive market.

Instead, energy automatically becomes scarce, and prices rise. This happens for two reasons. First, when energy prices are low, there is no incentive for energy producers to invest in new generators; they won’t make any money doing so. When energy prices are _high_, there is no incentive to invest, because new generators will lower prices, reducing both the “free” profit margin on the existing generators, _and_ reducing the profit available to pay for the new capacity.

Second, this kind of good creates an incentive to “game the system”: producers (or traders) can create artificial shortages and watch prices rise as buyers scramble to secure the power they need. In fact, we experienced both of these outcomes:

bq. “Under the new system, the financial incentive was to run things up to the limit of capacity,” explains Carreras. In fact, energy companies did more: they gamed the system. Federal investigations later showed that employees of Enron and other energy traders “knowingly and intentionally” filed transmission schedules designed to block competitors’ access to the grid and to drive up prices by creating artificial shortages. In California, this behavior resulted in widespread blackouts, [and] the doubling and tripling of retail rates […]. In the more tightly regulated Eastern Interconnect, retail prices rose less dramatically.

bq. After a pause following Enron’s collapse in 2001 and a fall in electricity demand (partly due to recession and partly to weather), energy trading resumed its frenzy in 2002 and 2003. Although power generation in 2003 has increased only 3% above that in 2000, generation by independent power producers, a rough measure of wholesale trading, has doubled. System stress, as measured by TLRs and frequency instability, has soared, and with it, warnings by FERC and other groups.

The blackout on August 14th was an inevitable result, and the subsequent outages in London and Italy should show even the optimists that August 14th was not an isolated event.

posted at 7:57 pm on Friday, October 10, 2003 in Rants | Comments Off on Electricity deregulation needs to respect physics

Multiple Monitors Increase Productivity

According to a study by NEC-Mitsubishi, ATI, and the University of Utah, “Multiple Monitors Increase Productivity”:http://www.necmitsubishi.com/newsNew/PressDEtail.cfm?document_id=881.

I wonder if we can liberate some funds from IT based on this study? <grin>

Read more at “Tom’s Hardware”:http://www.tomshardware.com/technews/20031006_095822.html and “EE Times”:http://www.eetimes.com/pressreleases/prnewswire/103399.

(via “/.”:http://slashdot.org/article.pl?sid=03/10/09/137232)

posted at 8:38 pm on Thursday, October 09, 2003 in Science and Technology | Comments Off on Multiple Monitors Increase Productivity

New US $20

“More Secure, Colorful $20 Bill Makes Its Debut”:http://www.moneyfactory.com/newmoney/main.cfm/media/releases102003newyork

bq. “we want to emphasize that older-design $20 notes are still in circulation, and still maintain their value,” said Marsha Reidhill, the Federal Reserve Board’s assistant director for cash and fiscal agency. A genuine U.S. $20 bill – whether it has the new background colors or the familiar green and black – is legal tender, worth $20.

“Treasury will spend $53 million over 5 years to market new pink greenbacks”:http://money.cnn.com/2003/09/16/pf/banking/marketing_new_money/

bq. The Department of the Treasury will spend $53 million over the next five years on a public relations campaign to market new money. […] the BEP wants to make sure nobody is confused into questioning the authenticity of the bills, despite their radically altered look.

I’m glad to see that the USA is upgrading their money. It is apparently the most counterfeited bill on the planet, and that’s not only because it is a popular international currency; it’s also because it is easy to copy.

I was amused that people need to be _told_ that the new bill really is legal tender. I have two different $5 bills in my pocket right now, and I remember once having _three_ different $20 bills, so I’m used to regularly changing currency. As I recall, US paper money hasn’t changed much during my lifetime. On the other hand, Canada also advertises currency changes, so I guess I can’t really complain :-)

As for “radically altered look”? _This_ is “radically altered look”:

* 1972: “!http://blog.cfrq.net/chk/files/1273a.gif(1972 $5 bill)!”:http://www.bankofcanada.ca/en/banknotes/general/character/1969-79_5.htm
* 1986: “!http://blog.cfrq.net/chk/files/1282.gif(1986 $5 bill)!”:http://www.bankofcanada.ca/en/banknotes/general/character/1986_5.htm
* 2002: “!http://blog.cfrq.net/chk/files/05-med.gif(2002 $5 bill)!”:http://www.bankofcanada.ca/en/banknotes/general/character/2001_05f.htm

Also from the CNN article:

bq. In an age of media saturation, no publicity campaign is complete without some sort of Hollywood spin. “We did a lot of research,” said Haley. “The focus groups all told us that if you want broad reach, you have to be on TV.”

Which translates to _product placements_ on Wheel of Fortune, Jeopardy, and even America’s Funniest Home Videos. Yikes!

posted at 8:30 pm on Thursday, October 09, 2003 in Current Events | Comments (3)
  1. No fair making fun of us Americans and our bland, easy-to-copy money.

    I’ve always envied the multicolored money from other countries. The varying sizes, however, I could do without. However, seems to me, if we keep changing it, won’t it be easier for someone to slip a fake one in? All they have to say is: “It’s the new 20; haven’t you seen it, yet?”

    [38/100]

  2. Reid says:

    I remember the 5 dollar bill with the Queen on it. http://www.bankofcanada.ca/en/banknotes/general/character/1954_5.htm

Eudora SSL help

I’ve updated my “SSL Help Pages”:http://www.cfrq.net/ssl/ to include a description of the steps required to get Outlook Express and Eudora to work with the SSL-protected mailservers here.

The Eudora configuration is a little ugly; there’s a buglet in Eudora’s TLS implementation that means you have to force Eudora to use SSL 3.0, and doing so requires editing the eudora.ini file :-). Also, Eudora can’t configure certificate trust settings until _after_ you attempt-but-fail an SSL negotiation, so you have to stand on your head a bit.

Anyway, the new page is “Eudora SSL Help”:http://www.cfrq.net/ssl/eudora.html. Some people might find it useful for connecting to other SSL-enabled mailservers using Eudora.

(After I wrote the page I found another similar page, with similar screen shots, over at “Oxford’s FMRIB”:http://www.fmrib.ox.ac.uk/computing/docs/mailclients/eudora.html. Honest, I wrote mine -first- +before I read theirs+ :-)

posted at 7:43 pm on Wednesday, October 08, 2003 in Site News | Comments Off on Eudora SSL help

Link Dump

I’m going to totally mess up Google here, and do my first link dump. These are all items that have been sitting in my aggregator for a while that I don’t want to lose, but I’m too busy (or brain-dead) to comment on right now.

“Axentra Rumba Server”:http://www.osnews.com/story.php?news_id=4730 – a mini-ITX based home firewall _and_ server.
“Trained Eye Gallery”:http://www.timdavisartimages.com/pages/main.html – macro photographs of … boxcars.
“StarROMs, Inc”:http://www.starroms.com/ – legally download old videogame ROMs.
“America — love it or, um…”:http://www.plaidworks.com/chuqui/blog/000851.html
“Andrew Clover’s JavaScript Browser Parasite Detector”:http://doxdesk.com/parasite/
“Verisign: Documenting the Damage”:http://www.unicom.com/chrome/a/000364.html
“The avocado-green fridge”:http://weblog.infoworld.com/udell/2003/09/30.html#a814 – The PC is the avocado-green fridge…
“OpenOffice 1.1 is out”:http://www.openoffice.org/
“The Telescope Game”:http://www.dyson.co.uk/game/play.asp
“Killing Comment Spam Dead”:http://www.jayallen.org/journey/2003/09/killing_comment_spam_dead
“Open Perl IDE”:http://open-perl-ide.sourceforge.net/
“Exit Windows, mostly”:http://usefulinc.com/edd/blog/2003/9/25#03:28 – one linux desktop story
“Settling in with the penguin”:http://www.bradchoate.com/past/001709.php – another linux desktop story
“An End To Driver Hell”:http://loosewire.blogspot.com/archives/2003_09_14_loosewire_archive.html#106395389188687000 – Driver Magician can backup installed drivers from your running windows box.
“More Search Options”:http://loosewire.blogspot.com/archives/2003_09_11_loosewire_archive.html#106333158581759990 – two desktop search tools (80-20 and X1).

*Update:*

“Balancing visual and structural complexity in interaction design”:http://www.guuui.com/issues/04_03.asp – How visual simplicity can harm usability
“Killing Comment Spam for Dummies”:http://www.jayallen.org/journey/2003/09/killing_comment_spam_for_dummies – more on the subject
“Debian Backports”:http://www.backports.org/ – run new software on an older system

Enjoy…

posted at 11:21 am on Saturday, October 04, 2003 in Links | Comments Off on Link Dump

Encounter at Farpoint

Encounter at Farpoint is on Spike TV tonight. I had forgotten just how _bad_ ST:TNG was at the beginning! I think the only reason we kept watching it was that it was the first Star Trek we had seen in decades.

Well, that and John DeLancie as Q :-)

posted at 10:02 pm on Friday, October 03, 2003 in TV | Comments (1)
  1. Paul says:

    Yes, early STTNG was painfully stilted, at the best of times. It took a few years for it to really start to hit its stride.

    But even so, I don’t think it was quite as bad as most of third season TOS.

Cardinal Directions

Blog, Jvstin Style: Cardinal Directions

Well, I had to do some research with “MapQuest”:http://www.mapquest.com/ and “Google”:http://www.google.com/ to find the answers. Here goes:

_What is the furthest North you have ever been?_

Hönefoss, Norway (slightly NW of Oslo).

_The furthest South?_

Punta Cana in the Dominican Republic.

_The furthest West?_

Tofino, British Columbia, Canada.

_The furthest East?_

Either Munich, DE or Garmisch-Partenkirchen, DE (whichever is farther east; MapQuest has them on a perfect North-South line).

_The highest elevation?_

The summit of “Zugspitze”:http://www.summitpost.com/show/mountain_link.pl/mountain_id/150, SW of Garmisch-Partenkirchen in Germany. 2,962m above sea level.

I don’t think I’m doing _too_ badly, for a homebody :-)

posted at 9:41 pm on Friday, October 03, 2003 in Links | Comments Off on Cardinal Directions

EXIF Reader

Normally I’d put this in the sideblog, but I wanted to make sure my reader actually saw it :-).

“Exif Reader”:http://www.takenet.or.jp/~ryuuji/minisoft/exifread/english/ is a software package that “analyzes and displays the shutter speed, flash condition, focal length, and other image information included in the Exif image format which is supported by almost all the latest digital cameras.” Check it out.

If you’re running Linux, you may also want “jhead”:http://www.sentex.net/~mwandel/jhead/index.html, a command-line utility that reads the Exif data out as text…

posted at 9:40 pm on Friday, October 03, 2003 in Links | Comments Off on EXIF Reader

PaperClick for Cell Phones

“Digital Convergence”:http://www.digitalconvergence.com/ went away, probably because they had to give away millions of free barcode readers in order to make their “connect bar codes to the internet” solution work. Handheld, cabled-to-the-computer barcode readers were too clumsy for everyday use (although mine works great attached to an old PC in my library :-).

“NeoMedia Technologies”:http://www.neom.com/ has the right idea: “PaperClick”:http://www.paperclick.com/ for Cell Phones lets you take a picture of a barcode with your camera phone, and have information about that barcode appear on your cellphone’s browser.

The example everyone’s talking about is “displaying the Amazon price for a book”:http://home.businesswire.com/portal/site/google/index.jsp?ndmViewId=news_view&newsId=20030930005562&newsLang=en, but I think there are other interesting (if more mundane) uses, like bringing up nutritional data or competitive pricing while browsing supermarket shelves…

The big winners are the cell phone providers, who now have a “killer app” for the high-speed data networks they’ve been building :-)

[ I wonder what’s up with DC’s patents on this technology? ]

posted at 9:38 pm on Friday, October 03, 2003 in Science and Technology | Comments (4)
  1. joy says:

    If I remember it correctly, the problem with the cue cat wasn’t that it was cabled, but instead because all of your scans were monitored by Digital Convergence.

    There was a way to neuter the cue cat and turn it into a normal bar code scanner.

    Oh, and I still have mine sitting in an odds and ends box somewhere around here….

  2. Mike says:

    I have a Nokia 3650 phone and would like to try the bar code scanning software from NeoMedia. I could not find the software to download from the PaperClick site. Does anyone have the link?

  3. em-brof says:

    Bar Code Reader in Every Man’s Hand
    Soon, very soon, given the progression of camera phones, we will all have a bar code reader in our pocket….

  4. Palm and Java combo
    WebSphere Micro Environment (WME) Java 2 Micro Edition (J2ME) certified runtime environment will be available on Palm handhelds (good for them!).

    Now Java developers can use Tungsten devices to create Palm handheld Java applications (competition

New Job Orientation

So the integration team, including a swarm of HR people, arrived on Tuesday morning to give us three days of training on the company organisation, philosophy, practices, policies, and procedures. There were also IT people running around setting up e-mail and teaching us about IT services. Somewhere in there we managed to deal with a couple of customer issues. In short, it was busy.

My brain is completely fried; I think we just tried to pour a gallon of information into my cup-sized head :-).

Everyone was friendly and the meetings were light; there was lots of laughter. So far, I’m happy about the assimilation. It’s nice to be working for a company that’s not going out of business. We’ll see if I remain that way after we move to our new location in December…

There are 46 people with my last name in the company directory!

posted at 9:28 pm on Friday, October 03, 2003 in Personal | Comments Off on New Job Orientation